hopingbummys.com Open in urlscan Pro
104.21.14.101 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3orNJau#cl/56470_md/3/12069/2783/505/72792
Effective URL:
https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
Submission: On October 02 via api (October 2nd 2021, 4:35:29 pm UTC) from BE — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 64 HTTP transactions. The main IP is 104.21.14.101, located in and belongs to CLOUDFLARENET, US. The main domain is hopingbummys.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 14th 2021. Valid for: a year.

This is the only time hopingbummys.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Weightloss Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 13	87.120.8.153 87.120.8.153	34224 (NETERRA-AS) (NETERRA-AS)
2	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	104.26.6.173 104.26.6.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.99.173.141 172.99.173.141	398343 (BAXET-GROUP) (BAXET-GROUP)
1 1	104.21.31.196 104.21.31.196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	104.21.14.101 104.21.14.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.211.43 172.67.211.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
2	52.222.236.58 52.222.236.58	16509 (AMAZON-02) (AMAZON-02)
2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
3	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
3	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
4	104.21.77.189 104.21.77.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	14

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 87.120.8.153 (Bulgaria) 1 redirects

ASN34224 (NETERRA-AS, BG)
PTR: 8ez4.bloox.club

banko.ru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.6.173 (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.99.173.141 (United States)

ASN398343 (BAXET-GROUP, US)
PTR: 172-99-173-141.telecomgroupdesign.com

elasticlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.31.196 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

herculianstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.21.14.101 (None, )

ASN13335 (CLOUDFLARENET, US)

hopingbummys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.211.43 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-aliquando.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-58.fra56.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, )

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.77.189 (None, )

ASN13335 (CLOUDFLARENET, US)

event.trk-aliquando.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	hopingbummys.com hopingbummys.com	1 MB
13	ru.com 1 redirects banko.ru.com	358 KB
5	trk-aliquando.com trk-aliquando.com event.trk-aliquando.com	3 KB
3	facebook.com www.facebook.com	505 B
3	snapchat.com tr.snapchat.com	292 B
3	gstatic.com fonts.gstatic.com	47 KB
2	mgid.com a.mgid.com	4 KB
2	sc-static.net sc-static.net	15 KB
2	facebook.net connect.facebook.net	170 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	herculianstr.com 1 redirects herculianstr.com	805 B
1	elasticlines.com elasticlines.com	527 B
1	ionicframework.com code.ionicframework.com	9 KB
1	bit.ly 1 redirects bit.ly	246 B
64	14

	Domain	Requested by
26	hopingbummys.com	elasticlines.com hopingbummys.com
13	banko.ru.com	1 redirects banko.ru.com
4	event.trk-aliquando.com	trk-aliquando.com
3	www.facebook.com	hopingbummys.com
3	tr.snapchat.com	hopingbummys.com
3	fonts.gstatic.com	fonts.googleapis.com
2	a.mgid.com	hopingbummys.com
2	sc-static.net	hopingbummys.com sc-static.net
2	connect.facebook.net	hopingbummys.com connect.facebook.net
2	fonts.googleapis.com	banko.ru.com hopingbummys.com
1	trk-aliquando.com	hopingbummys.com
1	herculianstr.com	1 redirects
1	elasticlines.com	banko.ru.com
1	code.ionicframework.com	banko.ru.com
1	bit.ly	1 redirects
64	15

This site contains no links.

Subject Issuer	Validity	Valid
elasticlines.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-14` - `2022-09-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
Frame ID: 05F60613D965B4AB4FD00F4D88CBFD38
Requests: 59 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
Frame ID: CCB0BDD562D2228DA789459EB4A1F0A2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 4CC57ABD67F0B120545AC9FF3FB3742D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: CBDD141E986C57E32D671D36E6E67315
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

50lbs in 61 Days: New No-Exercise ‘Skinny Pill’ Melts Belly Fat. Why Every Judge On Shark Tank Backed This Product!

Page URL History Show full URLs

https://bit.ly/3orNJau HTTP 301
http://banko.ru.com/ Page URL
http://banko.ru.com/cl/56470_md/3/12069/2783/505/72792 HTTP 302
https://elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/505_72792_12069_669490_md Page URL
https://herculianstr.com/index2.php?id=33&s1=350789&s2=614077412&s3=1718&s4=0&p=us2diet5g HTTP 302
https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

64
Requests

75 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

14
IPs

4
Countries

2012 kB
Transfer

2674 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3orNJau HTTP 301
http://banko.ru.com/ Page URL
http://banko.ru.com/cl/56470_md/3/12069/2783/505/72792 HTTP 302
https://elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/505_72792_12069_669490_md Page URL
https://herculianstr.com/index2.php?id=33&s1=350789&s2=614077412&s3=1718&s4=0&p=us2diet5g HTTP 302
https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3orNJau HTTP 301
http://banko.ru.com/

Request Chain 14

http://banko.ru.com/cl/56470_md/3/12069/2783/505/72792 HTTP 302
https://elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/505_72792_12069_669490_md

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
banko.ru.com/
Redirect Chain

https://bit.ly/3orNJau
http://banko.ru.com/

16 KB
16 KB

235ms
86ms

Document
text/html

87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33
Resource Hash

Request headers

Host: banko.ru.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 02 Oct 2021 16:35:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

server: nginx
date: Sat, 02 Oct 2021 16:35:19 GMT
content-type: text/html; charset=utf-8
content-length: 107
cache-control: private, max-age=90
content-security-policy: referrer always;
location: http://banko.ru.com/
referrer-policy: unsafe-url
set-cookie: _bit=l92gzj-adcd21ab0bd38577e7-008; Domain=bit.ly; Expires=Thu, 31 Mar 2022 16:35:19 GMT
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 24ms
17ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato:400,300,700

Requested by

Host: banko.ru.com
URL: http://banko.ru.com/

Protocol

HTTP/1.1

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 02 Oct 2021 16:35:20 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
Expires: Sat, 02 Oct 2021 16:35:20 GMT

GET
H/1.1 200
OK ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 48ms
23ms Stylesheet
text/css 104.26.6.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 104.26.6.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Fastly-Request-ID: c9cd64dfe992c153a7ce0c5a1957462e558bec6f
Date: Sat, 02 Oct 2021 16:35:20 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 74406
X-Cache: HIT
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 8313
X-Served-By: cache-fra19163-FRA
Access-Control-Allow-Origin: *
Last-Modified: Thu, 29 Apr 2021 18:50:21 GMT
Server: cloudflare
X-GitHub-Request-Id: 2886:A85E:24A7CF:28F293:615699F1
X-Timer: S1633118115.676098,VS0,VE1
ETag: W/"608affed-c854"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EvhrX2dwa2BxkaKGseIPaSm8Gtq%2BXvb%2FyFaGomNnLonv0y67E2%2BpFFjXu4i1dRQ%2FFpXgWtMH6Z6sn5DHvZu7BHcVEmbCvigmRjZKGBXO7H1DfgbDTGv7YkOxw0i%2Fceh7wzeodykpGuix"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=utf-8
Via: 1.1 varnish
expires: Fri, 01 Oct 2021 05:27:37 GMT
Cache-Control: max-age=31536000
x-proxy-cache: MISS
Accept-Ranges: bytes
CF-RAY: 697f57e29dc4f9da-PRG
x-origin-cache: HIT
X-Cache-Hits: 1

GET
H/1.1 200
OK bootstrap.min.css
banko.ru.com/css/ 111 KB
112 KB 69ms
37ms Stylesheet
text/css 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banko.ru.com/css/bootstrap.min.css
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "1bd5b-539c604e55700"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 114011

GET
H/1.1 200
OK font-awesome.min.css
banko.ru.com/css/ 21 KB
22 KB 82ms
41ms Stylesheet
text/css 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banko.ru.com/css/font-awesome.min.css
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "55e0-539c604e55700"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 21984

GET
H/1.1 200
OK owl.carousel.css
banko.ru.com/css/ 5 KB
5 KB 117ms
73ms Stylesheet
text/css 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banko.ru.com/css/owl.carousel.css
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "1206-539c604e55700"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4614

GET
H/1.1 200
OK animate.css
banko.ru.com/css/ 73 KB
73 KB 84ms
37ms Stylesheet
text/css 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banko.ru.com/css/animate.css
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "12279-539c604e55700"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 74361

GET
H/1.1 200
OK main.css
banko.ru.com/css/ 17 KB
17 KB 91ms
43ms Stylesheet
text/css 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banko.ru.com/css/main.css
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "4452-539c604e55700"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17490

GET
H/1.1 200
OK responsive.css
banko.ru.com/css/ 2 KB
2 KB 159ms
77ms Stylesheet
text/css 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://banko.ru.com/css/responsive.css
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "80f-539c604e55700"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2063

GET
H/1.1 200
OK logo.png
banko.ru.com/images/ 3 KB
3 KB 58ms
57ms Image
image/png 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://banko.ru.com/images/logo.png
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "b67-539c604e55700"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2919

GET
H/1.1 200
OK logo-2.png
banko.ru.com/images/ 3 KB
3 KB 96ms
96ms Image
image/png 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://banko.ru.com/images/logo-2.png
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "c30-539c604e55700"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3120

GET
H/1.1 200
OK 1.jpg
banko.ru.com/images/about/ 50 KB
51 KB 67ms
67ms Image
image/jpeg 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://banko.ru.com/images/about/1.jpg
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "c8c7-539c604e55700"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 51399

GET
H/1.1 200
OK 2.jpg
banko.ru.com/images/about/ 34 KB
34 KB 75ms
74ms Image
image/jpeg 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://banko.ru.com/images/about/2.jpg
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "889e-539c604e55700"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 34974

GET
H/1.1 200
OK 3.jpg
banko.ru.com/images/about/ 19 KB
19 KB 72ms
71ms Image
image/jpeg 87.120.8.153
NETERRA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://banko.ru.com/images/about/3.jpg
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Server: 87.120.8.153 , Bulgaria, ASN34224 (NETERRA-AS, BG),
Reverse DNS: 8ez4.bloox.club
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: banko.ru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://banko.ru.com/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Last-Modified: Thu, 11 Aug 2016 06:38:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag: "4c50-539c604e55700"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 19536

GET
H/1.1

200
OK

505_72792_12069_669490_md
elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/
Redirect Chain

http://banko.ru.com/cl/56470_md/3/12069/2783/505/72792
https://elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/505_72792_12069_669490_md

152 B
527 B

1333ms
636ms

Document
text/html

172.99.173.141
BAXET-GROUP

General

Check archive.org

Show headers Download Go to

Full URL: https://elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/505_72792_12069_669490_md
Requested by: Host: banko.ru.com
URL: http://banko.ru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.99.173.141 , United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS: 172-99-173-141.telecomgroupdesign.com
Software: Apache /
Resource Hash

Request headers

Host: elasticlines.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://banko.ru.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://banko.ru.com/#cl/56470_md/3/12069/2783/505/72792

Response headers

date: Sat, 02 Oct 2021 16:35:23 GMT
content-type: text/html; charset=UTF-8
server: Apache
set-cookie: uid1718=614077412-20211002123523-15c662f59f0f3391bdcfc4ad57150168-; domain=; expires=Mon, 01-Nov-2021 17:35:23 GMT; path=/; SameSite=None; Secure
content-encoding: gzip
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

Date: Sat, 02 Oct 2021 16:35:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By: PHP/7.1.33
Location: https://elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/505_72792_12069_669490_md
Content-Length: 163
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2

200

Primary Request / Show response
hopingbummys.com/
Redirect Chain

https://herculianstr.com/index2.php?id=33&s1=350789&s2=614077412&s3=1718&s4=0&p=us2diet5g
https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

31 KB
7 KB

131ms
100ms

Document
text/html

104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Requested by

Host: elasticlines.com
URL: https://elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/505_72792_12069_669490_md

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad07ea8d152d5ab7cec7529e65e868c0ebbf64e72915eda7ce49a1db8b4377e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: hopingbummys.com
:scheme: https
:path: /?5ad1b5a6a43f315749422729ae2ca8f5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://elasticlines.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://elasticlines.com/0/2/5588/3acc940dbe49fdec7c54c163a3066f61/3/56470_1/505_72792_12069_669490_md

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGCmb0Vd738rzOuQsM4TEN%2BBLK%2FBzNSfqTuZj6FdxLHhTPasHIpNzI9cXje5%2BirORwLXSLoIMaKXDPsuTi69ptFYf9srFLmjuFniinoehs399yeA88Hk%2FcCvQ48MU34%2BcT63"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697f57faedb8dfe3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sat, 02 Oct 2021 16:35:23 GMT
content-type: text/html; charset=UTF-8
location: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
set-cookie: PHPSESSID=0ed5672a80307ec423c6e5175d4c0f0b; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qANbNM4v7QCo%2BIexaa6RnT1h7ugTSl4iW%2F57MjackTN0eUEOps5MOCRBIGwJ%2BMxyCWLcj9J0x2rF%2Bvi46DfsuQLERgUt1i5S1oVgvjFaoF6UssVdRJJ4vpcd0K0PvWJZV8Aj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697f57fa2d834e50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 index2.css
hopingbummys.com/master/diet-shrktnk-assets/ 66 KB
12 KB 17ms
16ms Stylesheet
text/css 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/index2.css

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e43fff2ba016b4edef9c902f806ebab91a4a3b61d7b82b3648b62e1338721537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/index2.css
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNb0Evuowwi%2BnstU0HWaKVAW%2B7vxDupO4bAamJ1ZpEDbagS6Lz%2FgwF2B4yhQshaYJf5%2FN2%2FN6bp2Aj%2FExoP1Wsj0ahWxn65dFX4O1k5L0Rg0%2Fda157eNHSt6oJGs4fcDlhys"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 697f57fb9ea5dfe3-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H2 200 bootstrap.css
hopingbummys.com/master/diet-shrktnk-assets/ 113 KB
19 KB 21ms
19ms Stylesheet
text/css 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/bootstrap.css

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fff3cc2f768decb746bbd03980b498f1b35087aa32804bb2c83b8441a9879078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/bootstrap.css
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmvxToRz90eh7sNQX8qvTEiu5LxL5ix0xAKd6oAg5O3BPArqxSdtO%2BCUN97NZ2pRrnIcFfsXrlpdZmWZchAiJJhU3oP%2BZIVHvepd%2FHPAHHtfr%2BXvp6%2BXVIAJ5fe%2FY16gD4bc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 697f57fb9ea8dfe3-FRA
expires: Fri, 08 Oct 2021 17:56:46 GMT

GET
H2 200 brandico2.css
hopingbummys.com/master/diet-shrktnk-assets/ 10 KB
2 KB 20ms
19ms Stylesheet
text/css 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/brandico2.css

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2e19c3b42ff55aab5a929e9d445d22b04a0dc832f6d7f93097398246180ae03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/brandico2.css
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Jun 2020 17:54:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jW%2F66QRd6h07I9u52pe6IIMa5xg2HnBhGj3NXiOxOqejIsZ9dtMydaMt0o9JSbknaH%2BwDq%2B07o6O8L5NnwwvwOKCVTv53wDl7isPwSPF1VEqzMDPL9v6RUQ%2FRK%2BoKs36Mv2l"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 697f57fb9eaddfe3-FRA
expires: Fri, 08 Oct 2021 17:56:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 42ms
17ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

e1f98ccf79d380deb41bb2c3a281390b81ccee0e182e47827847a15a4f8e9411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 15:39:31 GMT
server: ESF
date: Sat, 02 Oct 2021 16:35:24 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 16:35:24 GMT

GET utils.min.css
hopingbummys.com/css/ 0
0

GET shadowbox.css
hopingbummys.com/master/ 0
0

GET
H2 404 shadowbox.js
hopingbummys.com/master/ 0
0 58ms
57ms Script
text/html 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hopingbummys.com/master/shadowbox.js

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/shadowbox.js
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFveuQk%2FyUluukkHUohQWxa%2FxFYgV0PbksVNwoluX4WaEjfTPq24U6Vf2SW1424mnZj8IvRoh%2FEkWxde5Hi%2FaxCt8RTs2k1feBAU4ifchXR%2F8mnO5rjviHqAE9kxdGu8xYbp"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 697f57fbaeb4dfe3-FRA

GET
H2 200 msg.js Show response
hopingbummys.com/inc/ 849 B
695 B 23ms
22ms Script
application/javascript 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hopingbummys.com/inc/msg.js

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b3a277980f5493f1feca82a6493c8dc83f5a43dff796736559be1077ccec1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /inc/msg.js
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Mar 2021 17:15:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FRlbVFILw5tyW%2BKKTU6Vk5OBs6miDcyTW6fMK7kkJGsq8felt9Ig6FCDdWy1wbXiWN0zOiEdctzlGoqqAhouG7ooIc7alGH%2F8BHYVXA4JnWVrN%2B3i4iZNoiBMkCivLWB0T7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 697f57fbaeb5dfe3-FRA
expires: Fri, 08 Oct 2021 13:48:21 GMT

GET
H2 200 fbcode1.js Show response
hopingbummys.com/inc/ 2 KB
1 KB 18ms
17ms Script
application/javascript 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hopingbummys.com/inc/fbcode1.js

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /inc/fbcode1.js
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96423
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 23:35:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc8WAFzaKxkl9areCpZu2ywvBEA8gk488JZXKwSz98HMI8Uhx12W5Xork6MI%2FBnRTz%2FCoxxUoHzBtuGhEJMudLDOR%2FIyNE4Be3PA%2Bn%2Bz7Gzl4jUyFWP%2FnV48OjFMqokpWqi5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 697f57fbaeb6dfe3-FRA
expires: Fri, 08 Oct 2021 13:48:21 GMT

GET
H3 200 healthlogo.png
hopingbummys.com/master/diet-shrktnk-assets/ 62 KB
63 KB 60ms
60ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/healthlogo.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

363d9c1ea95c22f5acfa91816599219cc3dc5e54ba777ee3841d8a03b5179e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/healthlogo.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63575
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Jan 2020 17:23:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vpy1iX6SnKTJkbISEYfH7N0Ce5%2BrTGY3nP4gFejB3SIAQpT86UUHVQMQvLgSdWdzmktwucbuT6Oye6xDJsZo1SBELuWxoNIB%2Bxk6ELrJ5G93JRUhh3Pw0ifMI%2FD%2BXhWG2uY2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1a8bc2bd-FRA
expires: Fri, 08 Oct 2021 17:56:46 GMT

GET
H3 200 asseenin.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 8 KB
8 KB 58ms
58ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/asseenin.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb9783874c9ff9adac5dc902c42a885a482f66985b674c6e6e6a41b432c414e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/asseenin.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7830
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7hvimi7pN5%2FmgqsF4vhUsNHqTc5z%2FEjBz0kPCuglEUM7%2Be96chsH9P9tOmqdpKPu577prR78icrAebM%2FS3VSSv03obbJ1yYiAAcgE%2FULUeYnS4pG%2BatDZmz5GcygvjMjeNo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1a97c2bd-FRA
expires: Fri, 08 Oct 2021 14:26:40 GMT

GET
H3 200 50lbs.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 65 KB
65 KB 15ms
15ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/50lbs.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d24768e8f2b98f53752f8767b070b64d060c3cb38e00dac701febab661e1b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/50lbs.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66227
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCIrH%2FO7taP91KQCejoV0P3PENVHGaxLtf2%2BPZuGlliFUF8JftXclITqvdgC0Ibtid5E7orLLnFuKIhB%2Bi3uvxa4Op9GfPWzo5YAYq57EuLMFWzfXxhDxfXku076cxeKisbV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1aa3c2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 2.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 138 KB
139 KB 66ms
64ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/2.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

515ad9e110e185f90bd0aef59138c02bb4a7c0b316f982b5226feb511d57988f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/2.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 141516
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1a7EMeV%2BoewJaXx%2BeDOqttxM1MWCOuO4FlGNqYbWsJFlXoZcLk9Gg2zDHDZRV0ylZOGuXmhcxXb1tva%2FWvyiZSaePUXJHeCMN4lVaHqbkPUuKd%2Badpud7DO1QIH2uk2GHBd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1aa8c2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 lift1.png
hopingbummys.com/master/diet-shrktnk-assets/ 82 KB
83 KB 73ms
70ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/lift1.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0834f46d9f5139e8b7f8f5f09be31053c44e3caee6f11caec08480d1d328dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/lift1.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 84062
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6e3vTDilE3s4kxpLjjqrd0AkQXXBWlsN17mRgphjAElFbY24bE3eEQQMltxd8IXpUCkNYwJ0ax6U185%2B3qlC0r4gIH6kdDc%2B0uVGLOxg2vrjLAQGKTg93APhYV%2BPXXueTZq"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1aabc2bd-FRA
expires: Fri, 08 Oct 2021 17:56:46 GMT

GET
H3 200 4a5576a14732c71f6b4445c55ec2522b.png
hopingbummys.com/master/diet-shrktnk-assets/ 126 KB
127 KB 79ms
76ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/4a5576a14732c71f6b4445c55ec2522b.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a35657b2c0f2eaa8e7d3da99d021492453979c35f5bd8d650eb177fc437dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/4a5576a14732c71f6b4445c55ec2522b.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 129114
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rph%2B6D6IaxUDQYXknzZrJPDEeuGttLZgq%2FUDLuHSHOlO16tBRMECSi9b8OZEPfDQ2Rss%2FKrXjNakTJl9eWHZIKzftZ3DgpsVZmcYA0gQxr7cXJol5qrXYjruFpFPpO6h2TQf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1aacc2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 sharktankrights.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 150 KB
151 KB 21ms
18ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/sharktankrights.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da26bddf8849eb8f4774bb82d77cc7f2e816779b1ae4373edf7dae5b6d54e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/sharktankrights.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 153619
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlUBdBLAz7RK8adcbmKLEE9Vjt0DE4o3YnonnRX43PXnP7yJfgetUtfTHp5ZtAE9O2ic%2BKIAj%2FHCr%2BqpShR5fvnvIxNLduRoZTga6FpW3TfWWLOX1c7ST5B%2FfrASPXmy2Vp0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1aadc2bd-FRA
expires: Fri, 08 Oct 2021 14:26:40 GMT

GET
H3 200 slider_item_02.png
hopingbummys.com/master/diet-shrktnk-assets/ 67 KB
68 KB 90ms
87ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/slider_item_02.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f0cf4d099f89bae2af62f3492d64d3bffb955f3396fa3746a05edd792d4925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/slider_item_02.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68854
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cH6ZolrRCMykOjr1Wj%2Fwqp%2Bc2tO8cn%2BvaU%2BJL7zHJ7whQVPa5eHI3Da%2FTMBCtmcMbV0Rmryv14rdk8wwT8SuvA2AIDx9kjeT2B6DIzkb4sU68j1PGtVSY9rgZ9yQsfWIg%2Fw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1aaec2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 3e0b70265ed238aea803a3b0bfaa3146.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 17 KB
18 KB 92ms
89ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/3e0b70265ed238aea803a3b0bfaa3146.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883979605c75b733eb6d6754cb6f115b10d295c3f041ac919c2d2f828f65237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/3e0b70265ed238aea803a3b0bfaa3146.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17800
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXcA7X%2BUv5oAFLYOjP2yHfHZ0GgAwlcmSsTWDy%2B6uBHvvFwRKKVTeLIQgzOsyZdG4nNMJ%2FJ8p%2FTsw1zUFqsX%2B3HMzLrnDevkzuc5sGkqFeeo%2FJCreVKzopwtNAAwsSBtGizp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1ab0c2bd-FRA
expires: Fri, 08 Oct 2021 17:56:46 GMT

GET
H3 200 checkmark.png
hopingbummys.com/master/diet-shrktnk-assets/ 334 B
976 B 93ms
90ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/checkmark.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab8ebd7fb3b60142e7ab447cf11c19b781ea63fcd0981917783909061fd907c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/checkmark.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 334
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqxQOkIFNY9PTBjdTwGBT3zixcd3ZgTcnuMl7HB9BUQaheBtcMS0buQXES4F8JByluR6Pn%2BfMwyQkU%2FJEpwi00UZsqIxXBzNbUoNFt8PIUAhE1YhWkSJ63jUxOm1vieTIepk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1ab2c2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 image.php
hopingbummys.com/ 73 KB
74 KB 93ms
90ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/image.php?img=productimages/1631141295.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38cff44ce0d59999f967c0fe4d3bf448dbf2439965ffe5b14b0eece1515d4b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /image.php?img=productimages/1631141295.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=neRH9U14ouKjpW1wbCk64EcGisp1bAOtvaO%2Fdy0MRwOEvtKQjAWOLP%2Bq86MDVFTjTGjliK3KBi9HW%2B%2FxEnkdCicmYf9LxpWNFzJq%2BCB0IeNHzRwgRXPuZyVNw%2BwICUdaB2e4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 697f57fc1ab4c2bd-FRA
expires: Sat, 09 Oct 2021 16:35:24 GMT

GET
H3 200 getyourbottle.png
hopingbummys.com/master/diet-shrktnk-assets/ 747 B
1 KB 94ms
91ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/getyourbottle.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8526f89caa77931946ad6e066a3b76845d9b5f7c9b896eda7229f4320143336d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/getyourbottle.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 747
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2Femod3qdQqzOc7FNH2V3ff6Y0fltfJSFZ9r3RpOZefO30CyR0OPNTHLV1BCoPFSk2JcPBeNEGmyfr2cvzo7vBh9q1beb4%2F7zgoTTlm2HIg7vbWiXPbmMCN5HzvnfEaKNu1h"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1ab6c2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 b886b753f875ef6414718d92d6ad8944.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 18 KB
19 KB 94ms
91ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/b886b753f875ef6414718d92d6ad8944.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b42a034a6f8978e5774a746e2a0da52fda1fa1233dc04342d8dd606837fa61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/b886b753f875ef6414718d92d6ad8944.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18323
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SfhnBiYDOg3I3OCg14Yd7aKy00QNREWnWx3NEhl0WrxyHMtvXlsmkq5mmOnx1CN4ph7lEf%2FSD6e3s%2F84nurJB9qGyMoGZIGWIQi7OtKHHAW87t3c6Tf3Og068rgItIJ24kg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1ab9c2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 weight5.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 59 KB
59 KB 94ms
91ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/weight5.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d17710ec8fdd8345e06a46060c8c4cc0aea6624ab9cc4e1911e55da425d825d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/weight5.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 60233
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:58 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qniz3mp7toa%2F0qc39HpPgRgrGTRJEgEUB0%2F%2Be7J5idrwKgjemsIxFYKCl0XMBpwlCFwvb23zgq2o7K%2Fwru9gG7pQ6V7xmYBLnGXc260pylgljx8ZythgFJLSkGnKWFIYeTH6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1abac2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 weight6.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 416 KB
417 KB 97ms
95ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/weight6.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e8642006a037d8288ac1cd9fda7908e8558951cc18c33fced06dfa4a04fd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/weight6.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 425744
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:19:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4Yrah55qm0oR%2FoCoYcfGJkJGEDirqmHukFIitTPmnvPS3B0QxLLYpAamJFqAIkOVlFlNgU8JaXxAMt0gWi44ukqNk21e4MaxFkdKY%2FAJy8%2FDVFzpIB2P3paQi%2By%2BuH86Cj5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1abcc2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 weight7.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 51 KB
52 KB 113ms
110ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/weight7.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6018f31e4190c0c7e9eeb91486445aa15379f779dbf9455d5421657e02913940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/weight7.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52287
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:19:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpr816L0Aw9qC9thBm%2BY7bNrY8IUc%2FvhZKm8QLIqMl3RJkSweBshPjLuGKEAy7TKTW44l8KZAWKp79aQsgV2OHDGJ%2BOZeA1SexUeyyU6UgiGR2KK8RiqSUcRozYGYJ7LQ4Fw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1abdc2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 offer.jpg
hopingbummys.com/master/diet-shrktnk-assets/ 5 KB
5 KB 118ms
116ms Image
image/jpeg 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/offer.jpg

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c039304b1f83ce8df5462bdc85730898ebd3e7762d0833f5d6b2d123cd627dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/offer.jpg
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4964
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48%2B1zJagYdGHb7A2O3dKOfc6ivYfqRcQgghrKGKIZdut0JupkCgOtShhi1lEZLrckYk2g6t9AH1XetpbQiiq1zfrhkpKLYJX%2FyYbxBdcfxfqeVQN7IT2BCxmiAIYXiyoAuuh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1abec2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H3 200 checkmark-green-sm.png
hopingbummys.com/master/diet-shrktnk-assets/ 558 B
1 KB 118ms
116ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/checkmark-green-sm.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31825b853e17fdd1f53cd0ad03626a9dd108418a0b91293a67d559d4563bbcbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/checkmark-green-sm.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 558
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:18:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B51d897twL0km1q62U4LalQ%2FJzzEvz3UvUeYUieJ0xnIIy1VkjLl%2FTLyNDwnTSKAAK%2FKowuhZHw92rz4kFSi5SF9AqJThvqFffHDES%2BFlyPq5CCOa0hBrYG2TMYcUVIvO8KI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1ac0c2bd-FRA
expires: Fri, 08 Oct 2021 14:26:40 GMT

GET
H3 200 100-guarantee-seal-1_2.png
hopingbummys.com/master/diet-shrktnk-assets/ 8 KB
9 KB 119ms
116ms Image
image/png 104.21.14.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hopingbummys.com/master/diet-shrktnk-assets/100-guarantee-seal-1_2.png

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.14.101 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c933753f362af10c379a78ded6587bf009cff81745f17b5497d9655b55d75d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /master/diet-shrktnk-assets/100-guarantee-seal-1_2.png
pragma: no-cache
cookie: PHPSESSID=6f86f4cd9d7bd35949d0d3b00059e5e3
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hopingbummys.com
referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8445
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Oct 2019 20:17:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbdlNnGmeVGJ7y5hPDb298BZ%2FQDvStynPzi3cP8IPBbcUJqPE11WRNfm7anI3%2Btaq9SuEFCHoLQJ0wtq%2FBMz2U5dqHj1vQzvGoyJWw0Zl6VsoxoQ8S7dZqa7dnGcyh4CJZhs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697f57fc1ac1c2bd-FRA
expires: Fri, 08 Oct 2021 18:51:54 GMT

GET
H2 200 v9e118mez8 Show response
trk-aliquando.com/scripts/push/ 7 KB
3 KB 342ms
215ms Script
application/javascript 172.67.211.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-aliquando.com/scripts/push/v9e118mez8

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/inc/msg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.211.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb491e2aca01081c812645fa7c5c20e8f379f3f49dfe88c938b5cdf6d7c9b918

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loZAOg%2B3L%2B1oGeqKHjcvdU7fv0SHacgMt8H7k4AaR304n%2F70mj4POmsXnyjPAYOoGeB6%2Ft7ayzuhuWanmeeE9JwWmnLFgKrxUQotBG%2FB5PljIhOulh%2Bz5t%2BuP1neQ9l0Cy3h3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 697f57fcfb794107-PRG
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 130ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/inc/fbcode1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: /Vqo8GeqsebWkADuO0iLjvkUNJmScy/M+QBGZDRWS/KghPMbDp7kxFkqGfznXog1wEOwRu+QcgYQPcsDGBcFMA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 02 Oct 2021 16:35:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 15 KB
6 KB 152ms
23ms Script
application/javascript 52.222.236.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: hopingbummys.com
URL: https://hopingbummys.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-58.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: gzip
server: CloudFront
x-edge-origin-shield-skipped: 0
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
x-amz-cf-pop: FRA56-P4
access-control-allow-headers: Content-Type
content-length: 5873
via: 1.1 30e954298424aa69c035e25834574743.cloudfront.net (CloudFront)
x-amz-cf-id: mz7H_Cp4qw9FkAv1gfjQb2oOTcn8bJBX6z9tTgURrAaX3Gdtl97uVQ==

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 12 KB
4 KB 231ms
106ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1633192524175
Requested by: Host: hopingbummys.com
URL: https://hopingbummys.com/inc/fbcode1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:35:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9cd61629-d8a1-40c6-b56a-893f81fb2d1e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 697f57fce9e0694c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 138ms
15ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopingbummys.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:35:54 GMT
x-content-type-options: nosniff
age: 259170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:35:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 136ms
12ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopingbummys.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 16:31:40 GMT
x-content-type-options: nosniff
age: 259424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 16:31:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 130ms
6ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hopingbummys.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 428867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Sep 2022 17:27:37 GMT

GET
H3 200 399694290689525 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 87ms
74ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/399694290689525?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

d04e478b5f2827cbf46f239fb10a9bba34914c08a524c89aa438f8904c5909d2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: AtQEzikZgJMVGhrWbd/pWb0Ns4h9znVmMFEzrREjKe6ZmNLVGyd94FZku8wbGYZDIlbcADslpz4JoQzNWINBEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 02 Oct 2021 16:35:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame CCB0 0
262 B 42ms
21ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=cc25c7df-1e44-4f51-8ff1-8c175d6334c1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hopingbummys.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/

Response headers

server: nginx/1.17.3
date: Sat, 02 Oct 2021 16:35:24 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
9 KB 23ms
8ms Script
application/javascript 52.222.236.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Referer: https://hopingbummys.com/
Origin: https://hopingbummys.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:44:53 GMT
content-encoding: gzip
age: 31832
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdabb.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: XwDt79XpOHEApLOkkhsUgQLQ_xHjOoGAPRK8ffG-JhgqJzPidl4JRg==

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
435 B 116ms
105ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fhopingbummys.com%2F%3F5ad1b5a6a43f315749422729ae2ca8f5&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1633192524520
Requested by: Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:35:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 697f57fe5ccb5b92-FRA
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 p Show response
tr.snapchat.com/ Frame 4CC5 0
15 B 37ms
27ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 356
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://hopingbummys.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hopingbummys.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://hopingbummys.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/

Response headers

server: nginx/1.17.3
date: Sat, 02 Oct 2021 16:35:24 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQ3AMAgDwImQbPNEGadpwxQM37v+Gkt0i6xjUSvtufnapYQGz3bMsNy5lYrBD/GZ2icyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 p Show response
tr.snapchat.com/ Frame CBDD 0
15 B 33ms
30ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 359
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://hopingbummys.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hopingbummys.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://hopingbummys.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/

Response headers

server: nginx/1.17.3
date: Sat, 02 Oct 2021 16:35:24 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAA3FyQ0AIAgAsIlIOAXGEWULhtd+KhjlGQElTqCVB8JuAjbublrSxDN/oWRjHXyhWkm3MgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 22ms
7ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Fhopingbummys.com%2F%3F5ad1b5a6a43f315749422729ae2ca8f5&rl=https%3A%2F%2Felasticlines.com%2F&if=false&ts=1633192524660&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633192524658.1695871449&it=1633192524505&coo=false&rqm=GET

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 02 Oct 2021 16:35:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 22ms
7ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Fhopingbummys.com%2F%3F5ad1b5a6a43f315749422729ae2ca8f5&rl=https%3A%2F%2Felasticlines.com%2F&if=false&ts=1633192524663&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633192524658.1695871449&it=1633192524505&coo=false&rqm=GET

Requested by

Host: hopingbummys.com
URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 02 Oct 2021 16:35:24 GMT

POST
H3 200 v9e118mez8
event.trk-aliquando.com/register/event_log/ 0
0 235ms
219ms Fetch 104.21.77.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-aliquando.com/register/event_log/v9e118mez8

Requested by

Host: trk-aliquando.com
URL: https://trk-aliquando.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.77.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hopingbummys.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 02 Oct 2021 16:35:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0Sbd%2FfYm7C5Dze2zOZTSZjByeYnJa%2FhRjea%2FhHaSw2xOYTEnV8BNDB6a83r8RQTn3iavRzO%2FiX6pI1L2Nlyz1J%2Bh%2Fvx0p5Xc%2FucbWbwiliFVv08GVr4vIUd51mCRDigDHv5IF5k5oUfmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hopingbummys.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 697f5802af662778-PRG
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-aliquando.com/register/event_log/ Frame 0
0 264ms
218ms Preflight 104.21.77.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-aliquando.com/register/event_log/v9e118mez8
Protocol: H2
Server: 104.21.77.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hopingbummys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 02 Oct 2021 16:35:25 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://hopingbummys.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLq1ViEWTF4ZA6Pimdzc3jvLHhf5P4eIZXSSxOBXmzIyhm%2B1bEFgyyifVhY2nzviBUMyq7s%2B3HWoTr6a%2FJ32odoorLpqhZkUF5nXASTcAvOzEoJez1YF06FVFgnjr6JOCMRTRQ8MOFiB%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697f58012855410d-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 v9e118mez8
event.trk-aliquando.com/register/event_log/ 0
0 243ms
220ms Fetch 104.21.77.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-aliquando.com/register/event_log/v9e118mez8

Requested by

Host: trk-aliquando.com
URL: https://trk-aliquando.com/scripts/push/v9e118mez8

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.77.189 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hopingbummys.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 02 Oct 2021 16:35:25 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BrQNmTZA9zQT6zTN6j3kS3suZ28qpJRCb7RuQ%2FtkY6%2FPpyLV9ZX1VK00gb33jvLOEJorlhm1ooEQf%2F1VfIfIhrCADmqvfAFn8HTQnfJDBOlzKVhucDcKs%2BnENQhFokr21tgkpBele4gPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hopingbummys.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 697f5802af652778-PRG
x-pushplatformapp-params

OPTIONS
H2 200 v9e118mez8
event.trk-aliquando.com/register/event_log/ Frame 0
0 256ms
211ms Preflight 104.21.77.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-aliquando.com/register/event_log/v9e118mez8
Protocol: H2
Server: 104.21.77.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://hopingbummys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 02 Oct 2021 16:35:25 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://hopingbummys.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhnUKPNxx0DfkE3O%2FOOrPk2G9%2FPBcJGvuCHmza17Aq1NQjAKImTJ5ExH67p1C60S4bn0fW%2BANNM8qrLKA8aSud%2BhXr30nugO6OhDC9jwX5ub20v2lCSK8ZN1BFlIMNgjwafZKfBElGH6Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697f58012857410d-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=399694290689525&ev=Microdata&dl=https%3A%2F%2Fhopingbummys.com%2F%3F5ad1b5a6a43f315749422729ae2ca8f5&rl=https%3A%2F%2Felasticlines.com%2F&if=false&ts=1633192526163&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%2250lbs%20in%2061%20Days%3A%20New%20No-Exercise%20%E2%80%98Skinny%20Pill%E2%80%99%20Melts%20Belly%20Fat.%20Why%20Every%20Judge%20On%20Shark%20Tank%20Backed%20This%20Product!%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=2&o=30&fbp=fb.1.1633192524658.1695871449&it=1633192524505&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hopingbummys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:35:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 02 Oct 2021 16:35:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hopingbummys.com
URL: https://hopingbummys.com/css/utils.min.css

Domain: hopingbummys.com
URL: https://hopingbummys.com/master/shadowbox.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Weightloss Scam (Online)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 21:41:18	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.bit.ly/	1970-01-20 01:59:04	Name: _bit Value: l92gzj-adcd21ab0bd38577e7-008
elasticlines.com/	1970-01-19 22:23:08	Name: uid1718 Value: 614077412-20211002123523-15c662f59f0f3391bdcfc4ad57150168-
herculianstr.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0ed5672a80307ec423c6e5175d4c0f0b
hopingbummys.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6f86f4cd9d7bd35949d0d3b00059e5e3
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l92ovvaVrsz9
.mgid.com/	1970-01-19 21:39:54	Name: __cf_bm Value: 482cbe6f95530a4c2d7168cab00ddb22da31cb34-1633192524-0-AaUYwHDWa7nPAwSNXtrxzGeTojVRFuHxnArjSXtNzgHr5kV1TfaTLCa8s4UzcVoQWDcTxWPplOK3//yPsCwMJws=
.hopingbummys.com/	1970-01-20 07:09:39	Name: _scid Value: bc53baaf-0da4-405e-b956-ee1134165172
hopingbummys.com/	1970-01-19 23:49:28	Name: MgidSensorNVis Value: 1
hopingbummys.com/	1970-01-19 23:49:28	Name: MgidSensorHref Value: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5
.snapchat.com/	1970-01-20 07:01:28	Name: sc_at Value: v2\|H4sIAAAAAAAAAA3FyQ0AIAgAsIlIOAXGEWULhtd+KhjlGQElTqCVB8JuAjbublrSxDN/oWRjHXyhWkm3MgAAAA==
.hopingbummys.com/	1970-01-19 23:49:28	Name: _fbp Value: fb.1.1633192524658.1695871449

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hopingbummys.com/master/shadowbox.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5 Message: Refused to apply style from 'https://hopingbummys.com/master/shadowbox.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5 Message: Refused to apply style from 'https://hopingbummys.com/css/utils.min.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
other	error	URL: https://hopingbummys.com/?5ad1b5a6a43f315749422729ae2ca8f5 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
banko.ru.com
bit.ly
code.ionicframework.com
connect.facebook.net
elasticlines.com
event.trk-aliquando.com
fonts.googleapis.com
fonts.gstatic.com
herculianstr.com
hopingbummys.com
sc-static.net
tr.snapchat.com
trk-aliquando.com
www.facebook.com
hopingbummys.com
104.19.135.78
104.21.14.101
104.21.31.196
104.21.77.189
104.26.6.173
142.250.184.202
142.250.185.67
172.67.211.43
172.99.173.141
185.60.216.19
185.60.216.35
35.186.226.184
52.222.236.58
67.199.248.10
87.120.8.153
05b3a277980f5493f1feca82a6493c8dc83f5a43dff796736559be1077ccec1f
0d17710ec8fdd8345e06a46060c8c4cc0aea6624ab9cc4e1911e55da425d825d
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19b42a034a6f8978e5774a746e2a0da52fda1fa1233dc04342d8dd606837fa61
1d24768e8f2b98f53752f8767b070b64d060c3cb38e00dac701febab661e1b71
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
31825b853e17fdd1f53cd0ad03626a9dd108418a0b91293a67d559d4563bbcbc
363d9c1ea95c22f5acfa91816599219cc3dc5e54ba777ee3841d8a03b5179e2f
38cff44ce0d59999f967c0fe4d3bf448dbf2439965ffe5b14b0eece1515d4b5f
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
515ad9e110e185f90bd0aef59138c02bb4a7c0b316f982b5226feb511d57988f
6018f31e4190c0c7e9eeb91486445aa15379f779dbf9455d5421657e02913940
8526f89caa77931946ad6e066a3b76845d9b5f7c9b896eda7229f4320143336d
883979605c75b733eb6d6754cb6f115b10d295c3f041ac919c2d2f828f65237a
8da26bddf8849eb8f4774bb82d77cc7f2e816779b1ae4373edf7dae5b6d54e05
97e8642006a037d8288ac1cd9fda7908e8558951cc18c33fced06dfa4a04fd71
98f0cf4d099f89bae2af62f3492d64d3bffb955f3396fa3746a05edd792d4925
9e0834f46d9f5139e8b7f8f5f09be31053c44e3caee6f11caec08480d1d328dc
a2e19c3b42ff55aab5a929e9d445d22b04a0dc832f6d7f93097398246180ae03
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aab8ebd7fb3b60142e7ab447cf11c19b781ea63fcd0981917783909061fd907c
ad07ea8d152d5ab7cec7529e65e868c0ebbf64e72915eda7ce49a1db8b4377e8
b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
c039304b1f83ce8df5462bdc85730898ebd3e7762d0833f5d6b2d123cd627dd8
c933753f362af10c379a78ded6587bf009cff81745f17b5497d9655b55d75d3c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d04e478b5f2827cbf46f239fb10a9bba34914c08a524c89aa438f8904c5909d2
e1f98ccf79d380deb41bb2c3a281390b81ccee0e182e47827847a15a4f8e9411
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43fff2ba016b4edef9c902f806ebab91a4a3b61d7b82b3648b62e1338721537
e7a35657b2c0f2eaa8e7d3da99d021492453979c35f5bd8d650eb177fc437dec
eb9783874c9ff9adac5dc902c42a885a482f66985b674c6e6e6a41b432c414e9
fb491e2aca01081c812645fa7c5c20e8f379f3f49dfe88c938b5cdf6d7c9b918
fff3cc2f768decb746bbd03980b498f1b35087aa32804bb2c83b8441a9879078

hopingbummys.com Open in urlscan Pro 104.21.14.101 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

75 %HTTPS

0 %IPv6

14 Domains

15 Subdomains

14 IPs

4 Countries

2012 kBTransfer

2674 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hopingbummys.com Open in urlscan Pro
104.21.14.101 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

75 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

14
IPs

4
Countries

2012 kB
Transfer

2674 kB
Size

12
Cookies

64 HTTP transactions
0 data transactions